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DETAILED ACTION 

Response to Amendment 

1 . Claims'! -3 and 6-8 are pending in the case. Claim 1 has been amended. Claims 
4-5 and 9-19 have been cancelled. Applicant's amendment necessitated the new 
ground(s) of rejection presented in this Office action. 

Response to Arguments 

2. Applicant's arguments with respect to claims 1-3, 6-8, 10-1 1 and 13-19 rejected 
under 35 U.S.C. 103(a) have been considered but are moot in view of the new 
ground(s) of rejection. 

Drawings 

3. The drawings are objected to as failing to comply with 37 CFR 1 .84(p)(5) 
because they do not include the following reference sign(s) mentioned in the 
description: Figure 2A references 230 as a traffic control computing device (Published 
Specification US2004/01 58643; par. 30). There is no "230" found on figure 2A. 
Examiner interprets "203" to be a misspelling of "230." Corrected drawing sheets in 
compliance with 37 CFR 1 .121(d) are required in reply to the Office action to avoid 
abandonment of the application. Any amended replacement drawing sheet should 
include all of the figures appearing on the immediate prior version of the sheet, even if 
only one figure is being amended. Each drawing sheet submitted after the filing date of 
an application must be labeled in the top margin as either "Replacement Sheet" or "New 
Sheet" pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, 
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the applicant will be notified and informed of any required corrective action in the next 
Office action. The objection to the drawings will not be held in abeyance. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 1-3 and 6-8 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over US Patent Application Publication 2003/0188192 to Tang et al (Tang hereinafter) 
in view of what was well known in the art. 

Regarding claim 1 , Tang discloses a traffic control computing device (Tang, 
fig. 1,112 open network router, i.e. traffic control computing device) comprising: a 
traffic control interface connected to traffic control devices (Tang, fig. 1 , interfaces 
indicated by arrows between 118, 116, 102 and the router, i.e. traffic control device) 
which control traffic in a network using various filtering capabilities (Tang, 1J16, 
system for filtering encrypted packets implemented by mapping Access Control List and 
Security Information Transport Protocol tables to a filter rule constructor which 
generates rules necessary to decrypt the packet headers and filter the packets based 
on the identifiers in the encrypted packet header); a traffic control request interface 
connected to traffic control request detecting devices which determine whether 
traffic control must be executed by said traffic control devices (Tang, 1f17, The 
forwarding element, i.e. traffic control request interface, can be a combination of 
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hardware and software configured to transmit and route data. The forwarding element 
includes or is connected, i.e. interfaced, to one or more Internet hosts that provide 
temporary IP addresses to the local VPN endpoint. For Open Network router 
construction, there are multiple forwarding elements (fig. 1,108). Generally, there is at 
least one forwarding element connected, i.e. interfaced, to the Internet host(s) 116 and 
at lest one forwarding element connected, i.e. interfaced, to the VPN 102 or other local 
computer(s). ); a first storage device in which information about traffic control 
received via the traffic control request interface (Tang, 1|17, memory inside the 
control element; fig. 1, 120, 122) and a traffic control method list are stored (Tang, 
lf18, Filter Rule Constructor receives an Access Control Listing (ACL) table and a SITP 
mapping table and thereafter generates a graph of filter chains. The control element 
downloads the filter chain graph to the forwarding element) , the traffic control method 
list including a list of processes currently executed by each of the traffic control 
devices (Tang, 1J19, fig 1B, 104, 106); a traffic control computing unit connected to 
said traffic control interface, and connected to said traffic control request 
interface, and connected to said first storage device (Tang, 1J17, the control 
element; fig. 1, 120); a second storage device (Tang, 1J17, memory inside the control 
element; fig. 1, 120, 122; Tang discloses one or more networked computers having 
memory suggesting one or more memory, i.e. storage devices) in which capabilities 
of the traffic control devices are stored (Tang, H20-21)i_and a traffic control 
computing management interface (Tang, 1f17, the control element; fig. 1, 120), 
wherein said traffic control computing unit computes traffic control algorithms 
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based on traffic control requests received from said traffic control request 
detecting devices and stored in the first storage device and the capabilities of the 
traffic control devices stored in the second storage device (Tang, ^[20-21^ 
overwrites the traffic control method list stored in the first storage device based 
on the traffic control algorithms, and sends traffic control information based on 
the overwritten traffic control method list to the traffic control device (Tang, 1f22- 
25, details how a filter can be added or deleted from the list downloaded from memory, 
i.e. storage device), wherein said traffic control computing unit compares 
information about a sender of a second traffic control request received through 
said traffic control request interface for a match with any of traffic control 
information objects stored in said first storage device (Tang, 1J22-25 details how a 
filter can be added or deleted from the list downloaded from memory, i.e. storage 
device; FRC then compares the value for the new filter specified by the client to a 
predetermined value or range of values corresponding to secure, or encrypted packets, 
checks for a match; Processes described in fig. 4, 5, 6) and rejects said second traffic 
control request if the information about said sender of the second request is not 
stored in said first storage device (Tang, 1J22-25, details how a filter can be added or 
deleted from the list downloaded from memory, i.e. storage device; Processes 
described in fig. 4, 5, 6), wherein said traffic control computing management 
interface is configured to operate as a contact point for communicating with a 
network administrator and wherein said traffic control computing unit checks 
whether said second traffic control request received logically conflicts with any 
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traffic control request stored in said first storage device (Tang, 1J22-25 details how 
a filter can be added or deleted from the list downloaded from memory, i.e. storage 
device; FRC then compares the value for the new filter specified by the client to a 
predetermined value or range of values corresponding to secure, or encrypted packets, 
checks for a match; Processes described in fig. 4, 5, 6; 1J26 statistics information results 
can then be returned to a network manager) and, if said second traffic control 
request received logically conflicts with any traffic control request stored in said 
first storage device (Tang, 1J22-25, details how a filter can be added or deleted from 
the list downloaded from memory, i.e. storage device; FRC then compares the value for 
the new filter specified by the client to a predetermined value or range of values 
corresponding to secure, or encrypted packets, checks for a match or conflict; 
Processes described in fig. 4, 5, 6), compares information about the sender of the 
second traffic control request with information about the sender of said traffic 
control request that logically conflicts with said second traffic request received 
(Tang, 1J22-25, details how a filter can be added or deleted from the list downloaded 
from memory, i.e. storage device; FRC then compares the value for the new filter 
specified by the client to a predetermined value or range of values corresponding to 
secure, or encrypted packets, checks for a match or conflict; Processes described in fig. 
4, 5, 6), and, if both the senders are different, sends a notification of the logical 
confliction to said traffic control computing management interface (Tang, U22-25, 
details how a filter can be added or deleted from the list downloaded from memory, i.e. 
storage device; FRC then compares the value for the new filter specified by the client to 
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a predetermined value or range of values corresponding to secure, or encrypted 
packets, checks for a match or conflict; Processes described in fig. 4, 5, 6). 

Tang teaches a memory, i.e. storage device inside the control element (Tang, 
lf17; fig. 1, 120, 122). Tang also discloses one or more networked computers having 
memory suggesting one or more memory, i.e. storage devices (Tang, 1J17; fig. 1, 120, 
122). Tang does not explicitly teach a second storage device as in the claimed 
invention. Official Notice (see MPEP 2144.03) is taken that storing information at a 
second storage device within a traffic control device was well known in the art at the 
time of the invention. It would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify the teaching of Tang to store information relating to 
device capabilities on a second storage device to provide a more effective and efficient 
network. 

Regarding claim 2, Tang discloses the invention substantially as described in 
claim 1 above including, an information unit for acquiring information objects about 
traffic control details per traffic control device associated with IDs of the traffic 
control devices (Tang, 1J17, the control element; fig. 1 , 120), the traffic control details 
being now executed separately by said traffic control devices (Tang, 1J20-21), and 
a second storage device in which said acquired information objects about traffic 
control details per traffic control device associated with the IDs of the traffic 
control devices are stored (Tang, 1J22-25, details how a filter can be added or deleted 
from the list downloaded from memory, i.e. storage device; FRC then compares the 
value for the new filter specified by the client to a predetermined value or range of 
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values corresponding to secure, or encrypted packets, checks for a match or conflict; 
Processes described in fig. 4, 5, 6). 

Regarding claim 3, Tang discloses the invention substantially as described in 
claim 1 above including, wherein IDs of said traffic control request detecting 
devices are stored in said first storage device(Tang, 1J22-25, details how a filter can 
be added or deleted from the list downloaded from memory, i.e. storage device; FRC 
then compares the value for the new filter specified by the client to a predetermined 
value or range of values corresponding to secure, or encrypted packets, checks for a 
match or conflict; Processes described in fig. 4, 5, 6). 

Regarding claim 6, Tang discloses the invention substantially as described in 
claim 1 above including, wherein, if both said senders match, said traffic control 
computing unit is structured to assume that said sender of said traffic control 
request that conflicts with the second traffic control request sent a request to 
cancel said traffic control request that conflicts with the second traffic control 
request (Tang, 1J22-25, details how a filter can be added or deleted from the list 
downloaded from memory, i.e. storage device; FRC then compares the value for the 
new filter specified by the client to a predetermined value or range of values 
corresponding to secure, or encrypted packets, checks for a match or conflict; 
Processes described in fig. 4, 5, 6). 

Regarding claim 7, Tang discloses the invention substantially as described 
in claim 2 above including, wherein, when said information acquiring unit has been 
successful in newly acquiring a traffic control information object from a traffic 
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control device among the traffic control devices (Tang, 1J22-25, details how a filter 
can be added or deleted from the list downloaded from memory, i.e. storage device; 
FRC then compares the value for the new filter specified by the client to a 
predetermined value or range of values corresponding to secure, or encrypted packets, 
checks for a match or conflict; Processes described in fig. 4, 5, 6), said traffic control 
computing unit is structured to determine that said traffic control device is 
operating and updates the traffic control information object for the traffic control 
device among the traffic control devices (Tang, 1J22-25, details how a filter can be 
added or deleted from the list downloaded from memory, i.e. storage device; FRC then 
compares the value for the new filter specified by the client to a predetermined value or 
range of values corresponding to secure, or encrypted packets, checks for a match or 
conflict; Processes described in fig. 4, 5, 6) stored in said first storage device to said 
traffic control information object newly acquired (Tang, 1J22-25, details how a filter 
can be added or deleted from the list downloaded from memory, i.e. storage device; 
FRC then compares the value for the new filter specified by the client to a 
predetermined value or range of values corresponding to secure, or encrypted packets, 
checks for a match or conflict; Processes described in fig. 4, 5, 6). 

Regarding claim 8, Tang discloses the invention substantially as described in 
claim 2 above including, wherein that when a traffic control information object has 
failed to be acquired from a traffic control device among the traffic control 
devices (Tang, 1J22-25, details how a filter can be added or deleted from the list 
downloaded from memory, i.e. storage device; FRC then compares the value for the 
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new filter specified by the client to a predetermined value or range of values 
corresponding to secure, or encrypted packets, checks for a match or conflict; 
Processes described in fig. 4, 5, 6), said traffic control computing unit determines 
that said traffic control device among the traffic control devices (Tang, 1J22-25, 
details how a filter can be added or deleted from the list downloaded from memory, i.e. 
storage device; FRC then compares the value for the new filter specified by the client 
to a predetermined value or range of values corresponding to secure, or encrypted 
packets, checks for a match or conflict; Processes described in fig. 4, 5, 6) is not 
operating and deletes the traffic control information object for the traffic control 
device determined as being non-operating from said storage device (Tang, Tf22- 
25, details how a filter can be added or deleted from the list downloaded from memory, 
i.e. storage device; FRC then compares the value for the new filter specified by the 
client to a predetermined value or range of values corresponding to secure, or 
encrypted packets, checks for a match or conflict; Processes described in fig. 4, 5, 6). 
Conclusion 

6. In conclusion, in an effort to better place the claims in condition for allowance, 
Examiner encourages further modification of claim language to include language that is 
more precisely descriptive and provides a more clear representation of what the 
Applicant presents as the invention in the specification in a manner which overcomes 
the prior art as presented. Examiner also reminds Applicant that although the claims 
are interpreted in light of the specification, limitations from the specification are not read 
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into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 
1993). 

7. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure: US 2004/0022243 to Jason, JR; US 2006/0070122 and US 
7,051,365 to Bellovin; US 2002/0090089 to Branigan et al; US 2004/0208151 to 
Haverinen et al; US 2006/0059558 to Selep et al. 

8. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to TARIQ S. NAJEE-ULLAH whose telephone number is 
(571)270-5013. The examiner can normally be reached on Monday through Friday 8:30 
- 6:00 EST. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Bunjob Jaroenchonwanit can be reached on (571) 272-3913. The fax 
phone number for the organization where this application or proceeding is assigned is 
571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/TN/ 



/Bunjob Jaroenchonwanit/ 

Supervisory Patent Examiner, Art Unit 2456 



